miro-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly calls Miro endpoints such as MIRO_GET_BOARDS2 and MIRO_GET_BOARD_ITEMS (and reads item fields like sticky note data.content) to list and ingest user-generated board content from Miro, which is untrusted third‑party content the agent is expected to interpret as part of its workflow and could enable indirect prompt injection.